VYPR
Vendor

Woo

Products
3
CVEs
12
Across products
12
Status
Private

Products

3

Recent CVEs

12
  • CVE-2023-33331HigDec 18, 2023
    risk 0.55cvss 8.5epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce Product Vendors allows SQL Injection.This issue affects Product Vendors: from n/a through 2.1.76.

  • CVE-2023-37870HigJun 19, 2024
    risk 0.53cvss 8.1epss 0.00

    Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.1.9.

  • CVE-2023-35879HigOct 31, 2023
    risk 0.49cvss 7.6epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce Product Vendors allows SQL Injection.This issue affects Product Vendors: from n/a through 2.1.78.

  • CVE-2024-24799MedMar 26, 2024
    risk 0.42cvss 6.5epss 0.01

    Missing Authorization vulnerability in WooCommerce WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.2.2.

  • CVE-2017-20193Oct 16, 2024
    risk 0.00cvss epss 0.00

    The Product Vendors is vulnerable to Reflected Cross-Site Scripting via the 'vendor_description' parameter in versions up to, and including, 2.0.35 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject…

  • CVE-2023-51495Jun 14, 2024
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7.

  • CVE-2023-51496Jun 14, 2024
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7.

  • CVE-2023-52186Jun 11, 2024
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.2.

  • CVE-2023-34003Jun 9, 2024
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.1.51.

  • CVE-2023-51494Jun 9, 2024
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.1.

  • CVE-2023-34004Aug 30, 2023
    risk 0.00cvss epss 0.00

    Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Box Office plugin <= 1.1.50 versions.

  • CVE-2023-33317Aug 30, 2023
    risk 0.00cvss epss 0.00

    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Returns and Warranty Requests plugin <= 2.1.6 versions.